MSC3861: load the issuer and account management URLs from OIDC discovery (#17407)
This will help mitigating any discrepancies between the issuer configured and the one returned by the OIDC provider. This also removes the need for configuring the `account_management_url` explicitely, as it will now be loaded from the OIDC discovery, as per MSC2965. Because we may now fetch stuff for the .well-known/matrix/client endpoint, this also transforms the client well-known resource to be asynchronous.
Showing
- changelog.d/17407.misc 1 addition, 0 deletionschangelog.d/17407.misc
- synapse/api/auth/msc3861_delegated.py 31 additions, 2 deletionssynapse/api/auth/msc3861_delegated.py
- synapse/rest/client/auth.py 11 additions, 5 deletionssynapse/rest/client/auth.py
- synapse/rest/client/auth_issuer.py 8 additions, 2 deletionssynapse/rest/client/auth_issuer.py
- synapse/rest/client/keys.py 11 additions, 5 deletionssynapse/rest/client/keys.py
- synapse/rest/client/login.py 1 addition, 1 deletionsynapse/rest/client/login.py
- synapse/rest/well_known.py 21 additions, 16 deletionssynapse/rest/well_known.py
- tests/rest/client/test_auth_issuer.py 19 additions, 1 deletiontests/rest/client/test_auth_issuer.py
- tests/rest/test_well_known.py 23 additions, 14 deletionstests/rest/test_well_known.py
Loading
Please register or sign in to comment